Warning: Permanently added '[localhost]:53475' (ECDSA) to the list of known hosts. 2025/01/21 14:34:32 fuzzer started 2025/01/21 14:34:33 dialing manager at localhost:44833 syzkaller login: [ 83.193956] cgroup: Unknown subsys name 'net' [ 83.310671] cgroup: Unknown subsys name 'cpuset' [ 83.327979] cgroup: Unknown subsys name 'rlimit' [ 89.047526] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 99.753613] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 102.649429] hrtimer: interrupt took 6641539 ns 2025/01/21 14:34:59 syscalls: 2217 2025/01/21 14:34:59 code coverage: enabled 2025/01/21 14:34:59 comparison tracing: enabled 2025/01/21 14:34:59 extra coverage: enabled 2025/01/21 14:34:59 setuid sandbox: enabled 2025/01/21 14:34:59 namespace sandbox: enabled 2025/01/21 14:34:59 Android sandbox: enabled 2025/01/21 14:34:59 fault injection: enabled 2025/01/21 14:34:59 leak checking: enabled 2025/01/21 14:34:59 net packet injection: enabled 2025/01/21 14:34:59 net device setup: enabled 2025/01/21 14:34:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/21 14:34:59 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/21 14:34:59 USB emulation: enabled 2025/01/21 14:34:59 hci packet injection: enabled 2025/01/21 14:34:59 wifi device emulation: enabled 2025/01/21 14:34:59 802.15.4 emulation: enabled 2025/01/21 14:34:59 fetching corpus: 50, signal 17362/18496 (executing program) 2025/01/21 14:34:59 fetching corpus: 100, signal 19093/21121 (executing program) 2025/01/21 14:34:59 fetching corpus: 150, signal 21439/24122 (executing program) 2025/01/21 14:35:00 fetching corpus: 200, signal 22576/25915 (executing program) 2025/01/21 14:35:00 fetching corpus: 250, signal 23094/27099 (executing program) 2025/01/21 14:35:00 fetching corpus: 299, signal 23570/28219 (executing program) 2025/01/21 14:35:00 fetching corpus: 299, signal 23570/29040 (executing program) 2025/01/21 14:35:00 fetching corpus: 299, signal 23570/29814 (executing program) 2025/01/21 14:35:00 fetching corpus: 299, signal 23570/30608 (executing program) 2025/01/21 14:35:00 fetching corpus: 299, signal 23570/31393 (executing program) 2025/01/21 14:35:00 fetching corpus: 299, signal 23570/32195 (executing program) 2025/01/21 14:35:00 fetching corpus: 299, signal 23570/32981 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/33777 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/34557 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/35352 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/36132 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/36918 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/37687 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/38465 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/38756 (executing program) 2025/01/21 14:35:01 fetching corpus: 299, signal 23570/38756 (executing program) 2025/01/21 14:35:05 starting 8 fuzzer processes 14:35:05 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000000)=0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r2, 0x100, 0x70bd29, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x1}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x2068900}, 0x80) r3 = syz_open_dev$vcsa(&(0x7f00000001c0), 0xb7, 0x803) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r2, 0x800, 0x70bd2a, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2800}, 0x4000) r4 = syz_open_dev$vcsa(&(0x7f0000000300), 0x4, 0x8000) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3) sendmsg$NL80211_CMD_PROBE_CLIENT(r4, &(0x7f0000000440)={&(0x7f0000000340), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x34, r5, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000480)) fstat(r4, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'hsr0\x00', 0x0}) sendmsg$nl_xfrm(r1, &(0x7f0000000b00)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000ac0)={&(0x7f00000007c0)=@updpolicy={0x2fc, 0x19, 0x400, 0x70bd26, 0x25dfdbfe, {{@in6=@private0, @in=@empty, 0x4e24, 0x5, 0x4e22, 0x1f, 0x2, 0x80, 0x80, 0x67, 0x0, r6}, {0x0, 0xf2e, 0x6, 0x4, 0x6, 0x7, 0x3f, 0x5}, {0x5, 0x8, 0x5, 0x2}, 0x5, 0x6e6bb1, 0x0, 0x0, 0x0, 0x2}, [@migrate={0xe8, 0x11, [{@in=@multicast2, @in=@rand_addr=0x64010101, @in=@multicast2, @in6=@dev={0xfe, 0x80, '\x00', 0x34}, 0x2b, 0x2, 0x0, 0x0, 0x2, 0x2}, {@in6=@mcast2, @in=@broadcast, @in=@loopback, @in6=@mcast2, 0xff, 0x2, 0x0, 0x3504, 0x2, 0x2}, {@in6=@local, @in=@multicast1, @in6=@dev={0xfe, 0x80, '\x00', 0x20}, @in=@local, 0x2b, 0x0, 0x0, 0x3504, 0xa, 0x5adaeb998b9742c8}]}, @tmpl={0x44, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x4d4, 0x6c}, 0xa, @in6=@loopback, 0x3501, 0x4, 0x1, 0xa7, 0xf0, 0x5}]}, @XFRMA_IF_ID={0x8, 0x1f, r7}, @algo_aead={0x10e, 0x12, {{'aegis256-generic\x00'}, 0x610, 0x40, "c58ba1c493c81a1a09ec682c04b84cb792fa48a83bec49f7880c9af88e72b0add253789957d218400f8d5848377af9e47669ab15669849b5fa64902181b3fb4665ac56776818a286ac201f9f31f21b05c5ef326b2cf054b8e08bc2e3de4f1bc9b188bbd0f1d5094847fc0a4f1272d7b7719ba47df8f451905476298995c247bf48104240711f10736b0f50b4a2a3d7e1cff76927be4db9643ffb64e2bd906adf5fbb8e8746b4957cad4410594bc6aec800a7a2c8a95bdac122a02ba5a854b70df414"}}]}, 0x2fc}, 0x1, 0x0, 0x0, 0x20004000}, 0x4040) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$FITRIM(r8, 0xc0185879, &(0x7f0000000b40)={0xffff, 0x7, 0x6}) r9 = signalfd(0xffffffffffffffff, &(0x7f0000000b80)={[0x400000]}, 0x8) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000bc0)={0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_READY(r9, 0xc0189376, &(0x7f0000000c00)={{0x1, 0x1, 0x18, r10}, './file0\x00'}) syz_genetlink_get_family_id$tipc(&(0x7f0000000c40), 0xffffffffffffffff) 14:35:05 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x101900, 0x0) ioctl$FICLONE(r0, 0x40049409, r1) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000080)={@empty, @local, @dev={0xac, 0x14, 0x14, 0x3c}}, 0xc) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) timerfd_settime(r0, 0x0, &(0x7f0000000100)={{0x77359400}, {r2, r3+60000000}}, &(0x7f0000000140)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180)) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f00000001c0)) ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0) fsetxattr$security_selinux(r1, &(0x7f0000000200), &(0x7f0000000240)='system_u:object_r:hwclock_exec_t:s0\x00', 0x24, 0x0) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000280)) r4 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0), 0x64003, 0x0) ioctl$KDSKBSENT(r4, 0x4b49, &(0x7f0000000300)={0x5, "35bbbb3b2d8a813bf44625c6307229289f15f625c7f6932c226b55145c8ddb2400b849fca414e12ca2563385428c0949eaf70e5de80611819e7d77bcb1ff8eb9acaf5ecc6e2ef7645a4600da98e6f898563fac8456c5942bf66216319809a8ae223b5ed57ebfb2fa83f4c69920417c7f4b04f65d2afa669031bcdfe7491f4688009978a03258ba653c0cfa2d4b8812bbef933d2fae47a6779a9e167e4b2b1aff45c81b40bebaaf79d5c6e2188f7b5a656345c8bad0c5ea6586c2ae76fe06e869b20fce525e56f4ad2228a181000234d9851f63bc76ac2fdb7bcb7fea872576f6cf61076816025c1663df6e391be70d0f90d9aa93ed22f3435a8d613b4768336fe6ef9a1f7d35e8604f6971f3da5ce1485ad6297e0910538c4e476f724dde2a103edc3c761747b971e2a8d8ec3490e3b7b8b3d6f9a6ab4df78b647870f862284214ee1960195978d9c69fce178424465b53a78e8e1a082138aaf18a7e2419d0b5c461b27407fdc8f35c06d24b90ae36eb96b2518cc4289d6e1c25a61371638cd0b9ac3af6b34b115a5db12e43a207ffcf6ca152577ff6e4dc8b4c40f531088417f844cc41ee7185ad03da030ebf5c7b22ccb6405891d780708b57ff903fea2510a2f75610e556477268badbdbd4438f738cbcc3d538fa26a1581174eda5740ac889401e27172e5238870df48379e1ff7240437979df5cb3a5d362a3fdb0a33994"}) ioctl$TIOCMBIS(r4, 0x5416, &(0x7f0000000540)=0x6) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r1, 0x4008941a, &(0x7f0000000580)=0x2) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r4, 0xf504, 0x0) r5 = signalfd(r1, &(0x7f00000005c0)={[0x8000]}, 0x8) ioctl$KIOCSOUND(r5, 0x4b2f, 0x92d5) ioctl$sock_inet_SIOCDELRT(r4, 0x890c, &(0x7f0000000640)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @broadcast}, {0x2, 0x4e23, @multicast2}, 0x246, 0x0, 0x0, 0x0, 0x40, &(0x7f0000000600)='macvtap0\x00', 0x4, 0x3, 0x80}) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000740)={0x5, 0x0, &(0x7f0000000700)=[r1, 0xffffffffffffffff]}, 0x2) 14:35:05 executing program 6: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = request_key(&(0x7f0000000080)='.dead\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)='keyring\x00', 0xfffffffffffffffc) keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000140)={r1, 0x25, 0xe7}, &(0x7f0000000180)={'enc=', 'pkcs1', ' hash=', {'sha1-asm\x00'}}, &(0x7f0000000200)="12a83767ebf8b80619eecf6903dc798e282ec27b317b7db32de61f107f359c47322fd4699c", &(0x7f0000000240)=""/231) keyctl$revoke(0x3, r1) r2 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f0000000380)={'fscrypt:', @desc1}, &(0x7f00000003c0)={0x0, "aab60c5cd60fe24a6c5e71cdfcc475f1fd0cb8491357cba4e4bd5418f42b9d8c9ac37e35d77bf3b874b08a5c81a72cd7b9bec4a974111f0f747f1df929d1d72b", 0x16}, 0x48, r0) keyctl$invalidate(0x15, r2) keyctl$read(0xb, r2, &(0x7f0000000440)=""/229, 0xe5) keyctl$KEYCTL_PKEY_QUERY(0x18, r1, 0x0, &(0x7f0000000540)='\x00', &(0x7f0000000580)) r3 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r4 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r3) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f00000006c0)='keyring\x00', &(0x7f0000000700)=@chain={'key_or_keyring:', r0}) r5 = add_key(&(0x7f0000000740)='asymmetric\x00', &(0x7f0000000780)={'syz', 0x3}, &(0x7f00000007c0)="4fb9daac680deb6f65ce96f1da2fd2775e8d9a5e171f63545ce7146b3cefd479130ed1ab5cfc05288eafaeda54b7a158e0939e7519f0a8c24ac3b09581c77f008948b2b81bb28cf2734127af9ab520594da1ed59b0b5d02ccd77b0564ec268795738cacc0e47d2e0b40207fff0acc42fcfedd2e0c4eb86eb9b75b54782d3b33b942597aafdcc844f0cf443a37502b64d9fde917b1c6948ecfbca1756b73e83ea35c03790be9af38000f235cf7bf64b4e1f32f8f6a713272d7e9de2daa33e1e", 0xbf, r0) keyctl$update(0x2, r5, &(0x7f0000000880)="6d427d401a181c070f561a77b4602bdce374bb2695f7eaad739319752572aae8a23dc566744ea09b807394b73c22db77a9db03bc4bee8bdef3dfce1734afa9aaee2ba83d57dc97bc4f9f1bd0b591c370e08584534a218b0978ab9041bcedce45c28028cbece17f43f684b1f511369f7c7e05655d42eb0efb43e2a3ef665c94699697bf769b0ad45555bfccaca2fde48c27b987e9d5dd60b29c10e35720c808e0", 0xa0) r6 = add_key$keyring(&(0x7f0000000940), &(0x7f0000000980)={'syz', 0x2}, 0x0, 0x0, r1) keyctl$link(0x8, r4, r6) request_key(&(0x7f00000009c0)='id_resolver\x00', &(0x7f0000000a00)={'syz', 0x3}, &(0x7f0000000a40)='\\\x00', r1) keyctl$revoke(0x3, 0x0) r7 = add_key$keyring(&(0x7f0000000a80), &(0x7f0000000ac0)={'syz', 0x1}, 0x0, 0x0, r5) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000b00)='ceph\x00', &(0x7f0000000b40)) keyctl$unlink(0x9, r0, 0x0) 14:35:05 executing program 5: semtimedop(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}, {0x4, 0x1, 0x800}, {0x0, 0x6, 0x800}, {0x2, 0xc91, 0x1800}, {0x2, 0x7, 0x1800}], 0x5, &(0x7f0000000040)={0x0, 0x3938700}) r0 = semget(0x2, 0x4, 0x80) r1 = semget$private(0x0, 0x4, 0x308) semctl$GETZCNT(r1, 0x0, 0xf, &(0x7f0000000080)=""/108) semop(r1, &(0x7f0000000100)=[{0x2, 0x8, 0x1800}, {0x3, 0x0, 0x1800}, {0x4, 0x9, 0x800}, {0x5, 0x80}], 0x4) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000140)=""/14) r2 = semget(0x1, 0x4, 0x82) semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f0000000180)=""/231) semctl$SEM_INFO(r0, 0x0, 0x13, &(0x7f0000000280)=""/167) r3 = semget$private(0x0, 0x0, 0x102) semop(r3, &(0x7f0000000340)=[{0x1, 0x0, 0x800}, {0x0, 0x7f, 0x1000}, {0x3, 0x4, 0x1000}], 0x3) semctl$GETVAL(r0, 0x2, 0xc, &(0x7f0000000380)=""/226) semctl$SEM_STAT_ANY(r0, 0x2, 0x14, &(0x7f0000000480)=""/41) semctl$SETVAL(r0, 0x3, 0x10, &(0x7f00000004c0)=0xa5b) semtimedop(r0, &(0x7f0000000500)=[{0x3, 0x1, 0x1800}, {0x3, 0x1, 0x800}], 0x2, &(0x7f0000000540)={0x77359400}) semctl$IPC_INFO(r0, 0x1, 0x3, &(0x7f0000000580)=""/107) r4 = semget(0x3, 0x4, 0x60c) semctl$GETZCNT(r4, 0x1, 0xf, &(0x7f0000000600)=""/214) semctl$GETZCNT(r2, 0x2, 0xf, &(0x7f0000000700)=""/3) semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000000740)=""/85) 14:35:05 executing program 2: ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x2f, 0x6, 0x5, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x700, 0x7800, 0x7fffffff, 0xff}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl0\x00', r0, 0x29, 0x9, 0x4, 0x2, 0x0, @local, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7, 0x10, 0x5, 0x1000}}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000801}, 0x40000810) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r1, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x74, r2, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x74}, 0x1, 0x0, 0x0, 0x4040}, 0x20004801) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r1, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x4c, r2, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x81}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x4c}}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_NAN(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x44, r5, 0x100, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xca394b77dbd03836}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xa}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x9}]}, 0x44}, 0x1, 0x0, 0x0, 0x899fb683ef5079ec}, 0x4) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000800)={'sit0\x00', &(0x7f0000000780)={'ip6tnl0\x00', r0, 0x29, 0x0, 0x4, 0xfff, 0x1, @remote, @empty, 0x8000, 0x20, 0x2, 0x8}}) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000880)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000008c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_INTERFACE(r1, &(0x7f0000000980)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x30, r2, 0x2, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40040}, 0x400) r9 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000a00), r1) sendmsg$NLBL_CIPSOV4_C_REMOVE(r1, &(0x7f0000000bc0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000a40)={0x108, r9, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0xec, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x976b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb500}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x169104f1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d58}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x717c881b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1e4061ee}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x26422ab6}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x62e5a980}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f83dac}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4f6fbe11}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9d0b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a074c2c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x490c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1b75}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2bc4}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5e029e5c}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x237203b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xde9b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x736c6959}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc5c7}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1bfceae7}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9ccd}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x43332acd}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7ced05b8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x63e2ad4e}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x108}, 0x1, 0x0, 0x0, 0x4810}, 0x20040041) r10 = openat$null(0xffffffffffffff9c, &(0x7f0000000c00), 0x301102, 0x0) sendmsg$NL80211_CMD_FLUSH_PMKSA(r10, &(0x7f0000000d00)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x20, r5, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x4d}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x8}, 0x20044040) 14:35:05 executing program 1: prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000000)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000040)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000080)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000000c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000100)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000140)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000180)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000001c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000200)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000240)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000280)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000002c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000300)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000340)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000380)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000003c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000400)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000440)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000480)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000004c0)) 14:35:05 executing program 3: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x8, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44048048}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000001700)=[{&(0x7f0000000200)=""/38, 0x26}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/199, 0xc7}, {&(0x7f0000001340)=""/44, 0x2c}, {&(0x7f0000001380)=""/65, 0x41}, {&(0x7f0000001400)=""/200, 0xc8}, {&(0x7f0000001500)=""/134, 0x86}, {&(0x7f00000015c0)=""/209, 0xd1}, {&(0x7f00000016c0)=""/39, 0x27}], 0x9, &(0x7f00000017c0)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}, 0x2001) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000001880)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f0000001a00)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x1000001}, 0xc, &(0x7f00000019c0)={&(0x7f0000001900)={0x9c, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3b}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xfff}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xff7f}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xfff5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xffffffff}]}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x101}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001a80), r7) sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000001d40)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001d00)={&(0x7f0000001ac0)={0x218, r8, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffff0e7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xcb}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_MEDIA={0x120, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xbb40}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7f}]}, @TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xba}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'macvlan0\x00'}}]}]}, 0x218}, 0x1, 0x0, 0x0, 0x24008000}, 0x8000) r9 = syz_open_procfs(r2, &(0x7f0000001d80)='net/nf_conntrack_expect\x00') ioctl$AUTOFS_DEV_IOCTL_VERSION(r9, 0xc0189371, &(0x7f0000001dc0)={{0x1, 0x1, 0x18, r7}, './file0\x00'}) mknod$loop(&(0x7f0000001e00)='./file0\x00', 0x40, 0x0) ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f0000001e40)={0x1, "08ec6d1d789b235dda9ae3bec08f754f823329ecc0dd122645cadc76210754bb36ba651b90eeb4de745872b83c7fa44104d583b7c38c82fe3119ee4061802da7"}) fsetxattr$security_ima(r3, &(0x7f0000001ec0), &(0x7f0000001f00)=@v2={0x5, 0x0, 0x13, 0x46c, 0x8a, "654865e52cb9937651a8142c2e47099fb33f376eee380e44ec4b567b3555789224d46d8ba6af2cebef50bd68257c0698c62ce138cf585930eba292b130034fbb627e4701771df8e8a362869466c436933f04bc62081e44fb36f34824fb4d48fd2b1593cb6e8e34982f61ac2632736ce3f261a476a8baedcf3e5f9130a8f4c7acfea733a9bb66a4187b2f"}, 0x93, 0x1) pidfd_getfd(r10, r5, 0x0) r11 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001fc0)='/proc/self/attr/exec\x00', 0x2, 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r11, 0x80286722, &(0x7f0000002080)={&(0x7f0000002000)=""/123, 0x7b, 0x6, 0x8}) ioctl$FIONCLEX(r11, 0x5450) io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000020c0), 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(r5, &(0x7f0000002280)={&(0x7f0000002100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002240)={&(0x7f0000002140)={0xec, r8, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER={0x84, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'vlan0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xfffffff9, @rand_addr=' \x01\x00', 0x4}}, {0x14, 0x2, @in={0x2, 0x4e22, @multicast2}}}}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x44810) 14:35:05 executing program 7: tgkill(0xffffffffffffffff, 0xffffffffffffffff, 0x5) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x44000, 0x90) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040)=0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000080)={0x2, r1}) ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000100)={0xa3d, 0x8, [0x3, 0xa0cd, 0x80000001, 0xffffffffcbaec0b1], &(0x7f00000000c0)=[0x0]}) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x64, 0x4, 0x8, 0x300, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_CLOSE={0x8, 0x8, 0x1, 0x0, 0x80000000}, @CTA_TIMEOUT_TCP_CLOSE={0x8, 0x8, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_TCP_CLOSE={0x8, 0x8, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT_L4PROTO={0x5}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3a}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x40805) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x94, 0x0, 0x1, 0x301, 0x0, 0x0, {0x3, 0x0, 0x4}, [@CTA_TUPLE_MASTER={0x80, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xc7}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xbe}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4880}, 0x14010) r2 = fcntl$getown(r0, 0x9) get_robust_list(r2, &(0x7f00000004c0)=&(0x7f0000000480)={&(0x7f0000000400), 0x0, &(0x7f0000000440)}, &(0x7f0000000500)=0x18) getpgrp(r1) sched_setparam(r2, &(0x7f0000000540)=0x401) r3 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x4c, 0x0, 0x1, 0x201, 0x0, 0x0, {0xc, 0x0, 0x4}, [@CTA_LABELS={0xc, 0x16, 0x1, 0x0, [0x7f, 0xffffffff]}, @CTA_SYNPROXY={0x2c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x80000001}, @CTA_SYNPROXY_ITS={0x8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x5598}, @CTA_SYNPROXY_TSOFF={0x8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x7}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x20008004) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r3, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x4c, 0x0, 0x0, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x20}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x1}, @NL80211_MESHCONF_RSSI_THRESHOLD={0x8, 0x14, 0xffffffffffffff66}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x40, 0x73}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x53}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x48c0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LIST_PHY(r4, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x14, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x10014) ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f00000009c0)) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8983, &(0x7f0000000a00)={0x3, 'team_slave_0\x00', {0x8001}, 0xc81}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a80), r3) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x34, r5, 0x4, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void, @val={0xc, 0x99, {0x8000, 0x54}}}}, [@NL80211_ATTR_PID={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x546ca08e, 0x40}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x20004885) [ 115.247183] audit: type=1400 audit(1737470105.625:7): avc: denied { execmem } for pid=276 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 116.832356] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 116.833835] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 116.835032] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 116.843260] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 116.845986] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 116.847148] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 116.852766] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 116.856170] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 116.857399] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 116.864455] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 116.865183] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 116.868218] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 116.870261] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 116.874764] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 116.876763] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 116.889895] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 116.895232] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 116.895811] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 116.897229] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 116.897242] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 116.899317] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 116.903746] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 116.905358] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 116.907012] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 116.909003] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 116.910290] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 116.913299] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 116.915192] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 116.916337] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 116.916805] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 116.944973] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 116.946261] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 116.946886] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 116.956942] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 116.960203] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 116.961727] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 116.965341] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 116.972833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 116.974371] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 116.988196] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 116.989849] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 116.999366] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 117.001925] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 117.006028] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 117.007230] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 117.007902] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 117.017058] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 117.019281] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 118.927190] Bluetooth: hci0: command tx timeout [ 118.990112] Bluetooth: hci5: command tx timeout [ 118.990178] Bluetooth: hci3: command tx timeout [ 118.990400] Bluetooth: hci1: command tx timeout [ 119.053812] Bluetooth: hci4: command tx timeout [ 119.059088] Bluetooth: hci2: command tx timeout [ 119.059250] Bluetooth: hci6: command tx timeout [ 119.130109] Bluetooth: hci7: command tx timeout [ 120.973731] Bluetooth: hci0: command tx timeout [ 121.037626] Bluetooth: hci3: command tx timeout [ 121.037702] Bluetooth: hci5: command tx timeout [ 121.037771] Bluetooth: hci1: command tx timeout [ 121.101665] Bluetooth: hci6: command tx timeout [ 121.102288] Bluetooth: hci2: command tx timeout [ 121.103553] Bluetooth: hci4: command tx timeout [ 121.167538] Bluetooth: hci7: command tx timeout [ 123.021661] Bluetooth: hci0: command tx timeout [ 123.085663] Bluetooth: hci3: command tx timeout [ 123.085732] Bluetooth: hci1: command tx timeout [ 123.085763] Bluetooth: hci5: command tx timeout [ 123.149613] Bluetooth: hci4: command tx timeout [ 123.149731] Bluetooth: hci6: command tx timeout [ 123.150871] Bluetooth: hci2: command tx timeout [ 123.213757] Bluetooth: hci7: command tx timeout [ 125.071599] Bluetooth: hci0: command tx timeout [ 125.133748] Bluetooth: hci1: command tx timeout [ 125.133861] Bluetooth: hci5: command tx timeout [ 125.133921] Bluetooth: hci3: command tx timeout [ 125.202592] Bluetooth: hci2: command tx timeout [ 125.202621] Bluetooth: hci6: command tx timeout [ 125.202704] Bluetooth: hci4: command tx timeout [ 125.262876] Bluetooth: hci7: command tx timeout [ 177.220238] syz-executor.6 (293) used greatest stack depth: 24000 bytes left [ 179.689183] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 179.692171] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 179.694531] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 179.704277] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 179.706798] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 179.707800] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 179.715828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 179.721423] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 179.724669] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 179.725118] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 179.726210] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 179.737412] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 179.744849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 179.747625] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 179.754745] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 179.758942] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 179.762850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 179.763746] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 179.764229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 179.768331] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 179.772452] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 179.774152] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 179.779822] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 179.780997] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 179.786237] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 179.787989] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 179.794035] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 179.797765] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 179.802650] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 179.802908] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 179.806626] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 179.808418] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 179.810753] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 179.818807] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 179.826336] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 179.832159] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 179.832843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 179.836896] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 179.838796] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 179.840790] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 179.841076] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 179.845250] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 179.847065] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 179.849531] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 179.855763] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 179.874977] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 179.884117] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 179.886730] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 181.838668] Bluetooth: hci0: command tx timeout [ 181.839218] Bluetooth: hci3: command tx timeout [ 181.839402] Bluetooth: hci1: command tx timeout [ 181.839593] Bluetooth: hci2: command tx timeout [ 181.902566] Bluetooth: hci4: command tx timeout [ 181.966563] Bluetooth: hci6: command tx timeout [ 181.966807] Bluetooth: hci7: command tx timeout [ 182.349635] Bluetooth: hci5: command tx timeout [ 183.885680] Bluetooth: hci2: command tx timeout [ 183.885801] Bluetooth: hci1: command tx timeout [ 183.885861] Bluetooth: hci3: command tx timeout [ 183.885916] Bluetooth: hci0: command tx timeout [ 183.950989] Bluetooth: hci4: command tx timeout [ 184.019571] Bluetooth: hci7: command tx timeout [ 184.019693] Bluetooth: hci6: command tx timeout [ 184.398547] Bluetooth: hci5: command tx timeout [ 185.933851] Bluetooth: hci2: command tx timeout [ 185.934092] Bluetooth: hci0: command tx timeout [ 185.934153] Bluetooth: hci3: command tx timeout [ 185.934209] Bluetooth: hci1: command tx timeout [ 185.997564] Bluetooth: hci4: command tx timeout [ 186.062310] Bluetooth: hci7: command tx timeout [ 186.062423] Bluetooth: hci6: command tx timeout [ 186.445920] Bluetooth: hci5: command tx timeout [ 187.983609] Bluetooth: hci2: command tx timeout [ 187.983716] Bluetooth: hci1: command tx timeout [ 187.983809] Bluetooth: hci3: command tx timeout [ 187.983878] Bluetooth: hci0: command tx timeout [ 188.049650] Bluetooth: hci4: command tx timeout [ 188.111532] Bluetooth: hci6: command tx timeout [ 188.111621] Bluetooth: hci7: command tx timeout [ 188.493801] Bluetooth: hci5: command tx timeout [ 241.854140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 241.873682] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 241.875659] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 241.879277] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 241.880269] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 241.880860] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 241.939289] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 241.971229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 241.977255] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 241.990554] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 241.995791] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 241.997952] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 242.090425] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 242.100804] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 242.101340] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 242.105153] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 242.106151] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 242.106828] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 242.141263] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 242.145359] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 242.149106] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 242.152711] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 242.156795] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 242.158939] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 242.158968] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 242.170877] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 242.176377] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 242.196268] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 242.208401] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 242.210823] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 242.212854] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 242.216539] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 242.219958] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 242.221325] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 242.228348] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 242.231997] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 242.233158] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 242.240793] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 242.245104] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 242.267092] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 242.278099] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 242.279769] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 242.280310] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 242.280607] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 242.282232] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 242.291330] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 242.294308] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 242.306195] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 243.931014] Bluetooth: hci0: command tx timeout [ 244.047733] Bluetooth: hci1: command tx timeout [ 244.188508] Bluetooth: hci2: command tx timeout [ 244.237575] Bluetooth: hci3: command tx timeout [ 244.306429] Bluetooth: hci5: command tx timeout [ 244.307864] Bluetooth: hci4: command tx timeout [ 244.308076] Bluetooth: hci6: command tx timeout [ 244.365620] Bluetooth: hci7: command tx timeout [ 245.966614] Bluetooth: hci0: command tx timeout [ 246.094553] Bluetooth: hci1: command tx timeout [ 246.222671] Bluetooth: hci2: command tx timeout [ 246.286663] Bluetooth: hci3: command tx timeout [ 246.350672] Bluetooth: hci6: command tx timeout [ 246.350791] Bluetooth: hci4: command tx timeout [ 246.350918] Bluetooth: hci5: command tx timeout [ 246.413605] Bluetooth: hci7: command tx timeout [ 248.013594] Bluetooth: hci0: command tx timeout [ 248.142542] Bluetooth: hci1: command tx timeout [ 248.274396] Bluetooth: hci2: command tx timeout [ 248.333714] Bluetooth: hci3: command tx timeout [ 248.397700] Bluetooth: hci5: command tx timeout [ 248.397864] Bluetooth: hci4: command tx timeout [ 248.397960] Bluetooth: hci6: command tx timeout [ 248.462038] Bluetooth: hci7: command tx timeout [ 250.062079] Bluetooth: hci0: command tx timeout [ 250.189557] Bluetooth: hci1: command tx timeout [ 250.318565] Bluetooth: hci2: command tx timeout [ 250.382664] Bluetooth: hci3: command tx timeout [ 250.447725] Bluetooth: hci6: command tx timeout [ 250.448223] Bluetooth: hci4: command tx timeout [ 250.448334] Bluetooth: hci5: command tx timeout [ 250.510653] Bluetooth: hci7: command tx timeout [ 283.329538] modprobe (7935) used greatest stack depth: 23328 bytes left [ 304.249821] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 304.260943] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 304.262103] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 304.273432] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 304.275064] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 304.276213] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 304.363822] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 304.364760] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 304.366091] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 304.367659] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 304.370152] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 304.371599] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 304.377069] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 304.378310] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 304.380653] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 304.382159] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 304.388852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 304.394793] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 304.402591] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 304.417322] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 304.421466] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 304.427854] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 304.435895] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 304.438655] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 304.545059] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 304.554701] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 304.560249] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 304.600748] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 304.607048] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 304.608227] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 304.609115] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 304.627623] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 304.630459] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 304.637912] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 304.639574] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 304.640884] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 304.669108] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 304.669625] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 304.683739] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 304.683850] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 304.686111] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 304.692573] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 304.710295] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 304.713394] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 304.714831] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 304.721171] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 304.726240] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 304.727555] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 306.321206] Bluetooth: hci0: command tx timeout [ 306.449030] Bluetooth: hci1: command tx timeout [ 306.449226] Bluetooth: hci2: command tx timeout [ 306.513562] Bluetooth: hci3: command tx timeout [ 306.701705] Bluetooth: hci4: command tx timeout [ 306.701854] Bluetooth: hci5: command tx timeout [ 306.765681] Bluetooth: hci7: command tx timeout [ 306.836514] Bluetooth: hci6: command tx timeout [ 308.381489] Bluetooth: hci0: command tx timeout [ 308.493595] Bluetooth: hci2: command tx timeout [ 308.513102] Bluetooth: hci1: command tx timeout [ 308.558644] Bluetooth: hci3: command tx timeout [ 308.749533] Bluetooth: hci5: command tx timeout [ 308.763286] Bluetooth: hci4: command tx timeout [ 308.813828] Bluetooth: hci7: command tx timeout [ 308.877597] Bluetooth: hci6: command tx timeout [ 310.413529] Bluetooth: hci0: command tx timeout [ 310.541690] Bluetooth: hci1: command tx timeout [ 310.542081] Bluetooth: hci2: command tx timeout [ 310.605545] Bluetooth: hci3: command tx timeout [ 310.797759] Bluetooth: hci4: command tx timeout [ 310.798110] Bluetooth: hci5: command tx timeout [ 310.861652] Bluetooth: hci7: command tx timeout [ 310.926234] Bluetooth: hci6: command tx timeout [ 312.462485] Bluetooth: hci0: command tx timeout [ 312.589694] Bluetooth: hci2: command tx timeout [ 312.589951] Bluetooth: hci1: command tx timeout [ 312.653540] Bluetooth: hci3: command tx timeout [ 312.845699] Bluetooth: hci4: command tx timeout [ 312.845895] Bluetooth: hci5: command tx timeout [ 312.909969] Bluetooth: hci7: command tx timeout [ 312.973533] Bluetooth: hci6: command tx timeout [ 366.755114] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 366.758800] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 366.760726] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 366.780316] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 366.782711] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 366.783913] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 366.871273] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 366.873090] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 366.874735] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 366.877347] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 366.879082] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 366.880212] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 366.938013] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 366.940073] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 366.946682] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 366.956833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 366.958685] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 366.959987] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 367.003699] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 367.006638] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 367.008238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 367.010856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 367.012678] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 367.013968] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 367.085543] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 367.089724] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 367.096136] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 367.100244] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 367.108710] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 367.110828] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 367.117987] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 367.122669] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 367.124475] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 367.128913] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 367.136754] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 367.138123] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 367.139701] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 367.141209] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 367.151593] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 367.179555] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 367.183718] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 367.196815] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 367.345828] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 367.350129] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 367.358646] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 367.398129] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 367.430676] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 367.467688] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 368.845544] Bluetooth: hci0: command tx timeout [ 368.910216] Bluetooth: hci1: command tx timeout [ 369.037530] Bluetooth: hci2: command tx timeout [ 369.104578] Bluetooth: hci3: command tx timeout [ 369.229612] Bluetooth: hci4: command tx timeout [ 369.293585] Bluetooth: hci5: command tx timeout [ 369.485569] Bluetooth: hci6: command tx timeout [ 369.550599] Bluetooth: hci7: command tx timeout [ 370.893531] Bluetooth: hci0: command tx timeout [ 370.957581] Bluetooth: hci1: command tx timeout [ 371.085505] Bluetooth: hci2: command tx timeout [ 371.149766] Bluetooth: hci3: command tx timeout [ 371.277754] Bluetooth: hci4: command tx timeout [ 371.341525] Bluetooth: hci5: command tx timeout [ 371.533525] Bluetooth: hci6: command tx timeout [ 371.597563] Bluetooth: hci7: command tx timeout [ 372.953557] Bluetooth: hci0: command tx timeout [ 373.022162] Bluetooth: hci1: command tx timeout [ 373.135482] Bluetooth: hci2: command tx timeout [ 373.197555] Bluetooth: hci3: command tx timeout [ 373.330757] Bluetooth: hci4: command tx timeout [ 373.389525] Bluetooth: hci5: command tx timeout [ 373.587350] Bluetooth: hci6: command tx timeout [ 373.645589] Bluetooth: hci7: command tx timeout [ 374.989495] Bluetooth: hci0: command tx timeout [ 375.053493] Bluetooth: hci1: command tx timeout [ 375.181512] Bluetooth: hci2: command tx timeout [ 375.247502] Bluetooth: hci3: command tx timeout [ 375.373685] Bluetooth: hci4: command tx timeout [ 375.437659] Bluetooth: hci5: command tx timeout [ 375.629603] Bluetooth: hci6: command tx timeout [ 375.693506] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 14:40:12 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=00000000a46a40f7 RCX=00007f54af01bb68 RDX=000000000000000d RSI=00007f54af0468f1 RDI=00007f54af0468f1 RBP=00007f54af329878 RSP=00007ffdae873910 R8 =0000000000000000 R9 =00007f54af01bb68 R10=00007f54af035d3c R11=0000000000000007 R12=00007f54af035d3c R13=00007ffdae873a78 R14=00007ffdae873950 R15=00007ffdae873960 RIP=00007f54af33fd02 RFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f54aee1f540 00000000 00000000 GS =0000 0000000000000000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f54aef53570 CR3=000000003109a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00ff00000000000000000000000000ff XMM01=ff00ffffffffffffffffffffffffff00 XMM02=ff00ffffffffffffffffffffff000000 XMM03=00000000000070616d6d00666e6f6373 XMM04=6c6c616373797300746365746f72706d XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff84a0d7e3 RDX=ffff88802daab780 RSI=ffffffff84a0d790 RDI=0000000000000006 RBP=ffff888031086420 RSP=ffff888016abfc80 R8 =0000000000000001 R9 =fffffbfff0fe19e4 R10=00007fe33bbd4000 R11=0000000000000000 R12=00007fe33bbd4000 R13=0000000000000003 R14=000000000000000f R15=00007fe33b8f3fff RIP=ffffffff8171a3d8 RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fe33b711540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe2b00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe33bbd4000 CR3=000000003c202000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffff00ffffffffffffffffffffff00ff XMM02=4c4700362e322e325f4342494c470035 XMM03=00000000000000000000000000470035 XMM04=4342494c4700362e322e325f4342494c XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000